File size: 1.83Kb
<?php
session_start();
include("includes/lang.php");
$title = $lang["login"];
include('includes/connect.php');
include('includes/header.php');
echo '<div class="title"><img src="'.$url.'/images/lin.png" alt="*"> '.$lang["login"].'</div>
';
if(isset($_POST['LogIn'])){
$username = input($_POST['username']);
$pass = md5(input($_POST['pass']));
$code = addslashes(input($_POST['code']));
if(!$username || !$pass || $code ==''|| $code != $_SESSION['security_code']){
echo '<div class="news">'.$lang["err"].'<br/>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
} else {
$queryUser = mysql_query("SELECT * FROM users WHERE username = '$username'") or die ( mysql_error());
if(mysql_num_rows($queryUser)>0){
$info = mysql_fetch_assoc($queryUser);
if($pass != $info['password']){
echo '<div class="news">'.$lang["err-uspass"].'<br/>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
} else {
$_SESSION['userid'] = $info['id'];
$_SESSION['rights'] = $info['rights'];
header("location: index.php"); }
} else { echo '<div class="news">'.$lang["err-uspass"].'<br/><a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
}
} else {
if(isset($_SESSION['userid'])|| isset($_SESSION['userid'])) { session_destroy();
echo '<div class="news">'.$lang["session-exp"].'</div>'; } else {}
echo '<div class="list"><div class="login">
<form method="POST">'.$lang["username"].':<br/>
<input type="text" name="username" value="" size="15" class="name">
<br/>'.$lang["password"].':<br/>
<input type="password" name="pass" value="" size="15" class="pass">
<br/>'.$lang["captcha"].':<br/>
<img src="'.$url.'/captcha.php?width=100&height=40&characters=5" alt="security code"><br>
<input type="text" name="code" value="" size="5">
<input type="submit" value="'.$lang["login"].'" name="LogIn"/></div>';
echo '</div>';
}
include "includes/footer.php";
?>